Open Bug 370883 Opened 18 years ago Updated 12 years ago

showdependencytree.cgi is confused by security bugs you cannot see

Categories

(Bugzilla :: Dependency Views, defect)

Product:
Bugzilla
Component:
Dependency Views
Version:
2.23.4
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

People

(Reporter: LpSolit, Unassigned)

References

Details

If there are some bugs restricted to groups you don't belong to, showdependencytree.cgi is confused and stops the tree at the security bug, but it still mentions bugs which are on the other "side" of the branch of the security bug. Clicking "Show/Hide resolved" doesn't help, you still cannot display them. We should either drop them completely and fix the buglist and the title accordingly, or we should display the security bug number with "bug summary not available" in place of its summary and display the remaining bugs. This bug is similar to bug 309108 about open bugs blocking/depending on closed bugs (except we are talking about security bugs here).
We should display the information but hide the bug summary. If the other bugs are public, you could figure out the information anyway, so it's not secret information.
Just a note from the duplicate bug (which I filed), if there are two non visible bugs between Bug A and Bug D, you still get see through both private bugs which is something that the user could not find out on their own.
You need to log in before you can comment on or make changes to this bug.